Don't Forget Your Employer Might Be Looking At Your IMs, Too
from the big-brother dept
It's pretty common workplace knowledge that many companies keep tabs on employees' email and web-surfing habits, whether they're actively policing them, or just saving information for possible future use. While common sense would dictate that a company could track nearly anything that goes across its network or happens on one of its machines, some people don't use the same discretion in using instant-messaging programs at work as they do when they're using a work email account. But two recent scandals highlight that IM isn't as private as many people might perceive it to be, as chat transcripts have played a significant role in both the HP spying fiasco and the controversy surrounding former Congressman Mark Foley, who sent sexually explicit IMs to underage boys. In the HP case, the company's investigators monitored chats between an employee and a reporter; Foley was exposed after other Congressional pages gave saved chat transcripts to the media. While the methods used differ, they both illustrate that IMs may not disappear into a black hole once a chat session is closed. Of course, that's not really news, but it might be worth reinforcing to some people -- like the Yahoo employees that discussed their plans to jump ship to another company over Yahoo Messenger.Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
Uhmmm... duh...
I don't always agree with it, but, it is THERE equipment and if you do (or send) something inappropriate, well, you probably should'a been doing your job.
[ link to this | view in chronology ]
Re: Uhmmm... duh...
[ link to this | view in chronology ]
Re: Re: Uhmmm... duh...
[ link to this | view in chronology ]
Re: Re: Re: Uhmmm... duh...
[ link to this | view in chronology ]
Re: Re: Uhmmm... duh...
If you're technically inclined and know what you're doing, IT may not particularly care what you do, unless IT gets an order from on high to target you. I've seen it happen. Those guys are generally very busy with all kinds of different things and they don't like bothering with crap like this unless they have to. Of course, some of the things they troubleshoot send to discovering things like we're dicussing now.
In my dept., we all have administrator privledges, but we don't abuse them either. But they trust us mainly not to ass something up.
There are ways around this, but it's a throw of the dice and the more you do it the more your chances increase of getting caught because you're on somebody else's network and you don't know what's going on behind the network. The quick answers are, you're supposed to be working at work and violating a company policy that could possibly get you disciplined or terminated isn't worth it.
[ link to this | view in chronology ]
Re: Re: Uhmmm... duh...
[ link to this | view in chronology ]
More private chatting at work
[ link to this | view in chronology ]
Threat Model
[ link to this | view in chronology ]
WorkIsNotSafe
You're only so smart until you're caught with your pants around your ankles. If you are that much of an IM addict and can't wait to talk to your underage friends until you get home, maybe it's time to invest in an IM phone and not worry at all about your boss. Until then, I have no pitty for any retard that gets fired for missuing company hardware. In fact, I find it amusing.
[ link to this | view in chronology ]
Re: WorkIsNotSafe
[ link to this | view in chronology ]
IM scanning and avoidance
to guard against it, use an IM client which encrypts... however, that means you have to trust the IM server as it decrypts/re-encrypts the message as it passes through
if you don't trust even the IM server, use an Off The Record plugin such as that for Gaim.
[ link to this | view in chronology ]
Self-protections
But, when communicating outside of work, thankfully many of my friends are on GTalk, and I use the in-gmail chat under a secure session to talk to them, so it's not likely, unless using key loggers (which would be a STUPIDLY HUGE security risk) that those private IMs are being monitored.
[ link to this | view in chronology ]
Just tell them straight up...
[ link to this | view in chronology ]
I've Personally Fired You
Unfortunately for most companies, they have completely useless admins fresh from highschool. I guess you get what you pay for huh?
[ link to this | view in chronology ]
Re: I've Personally Fired You
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Yup...
It's that simple. For all the geniuses telling these people how to subvert corporate security efforts, good luck.
People, I personally believe that people telling you how to avoid detection, really don't know what they are doing.
For every example above, I have a very simple method to discover their secrets. So what I'm saying, in short:
There are no secrets from knowledgable Network Admins...GUARANTEED.
[ link to this | view in chronology ]
I have tried to look at the logs on the disk and you can't read then unless you log in as the user
[ link to this | view in chronology ]
Re: #15
What am I saying? No matter how safe your safhaven is, it is not safe until you are inside and close the door behind you. All the while, especially as you are entering your safehaven, you are THE MOST VULNERABLE.
The very act of getting to your secure location exposes you the most, thus rendering any and all security as unsafe.
[ link to this | view in chronology ]
You Bet
I will also continue to enjoy doing my job. No loss of sleep here. Don't do the crime unless.... eh, just do the crime so I can have another fun day at work :)
[ link to this | view in chronology ]
Re: You Bet
[ link to this | view in chronology ]
Re: You Bet
But, yes, you are correct, any good admin will be able to monitor and log all transactions that happen on your network. We do the same, and we also ensure that people know this. Everyone is required to sign a disclosure agreement that warns them that we monitor and log everything they do. Now the difference is, that we do not actively sit in front of our screen "looking" for people to break the rules to get them fired. Many people do occasionally surf the net or chat on IM for both personal and business related things, but in my eyes, if the person is getting their work done and not sitting on ebay all day, then leave them alone and let them go on with life. Just my 2 cents
[ link to this | view in chronology ]
Thanks!
While we're at it: don't visit porn sites or play WoW.
[ link to this | view in chronology ]
Day Off lol
So, go please get drunk, take a drive and pick up some children from a school. Only because people tell you it's wrong doesn't make it so in your head, apparently. I love your types, you only complain once you're busted. Go smoke another joint you hippy sack of crap.
[ link to this | view in chronology ]
Re: Day Off lol
[ link to this | view in chronology ]
Re: Day Off lol
[ link to this | view in chronology ]
Re: Re: Day Off lol
[ link to this | view in chronology ]
I am
[ link to this | view in chronology ]
I Agree Here
I have friends that have been fired from work (they assumed they couldn't be caught as well) for sending only a couple of IMs. I can't say I feel sorry for them, because they knew it was wrong, just like every employee that gets busted now days. They knew it was wrong when doing it, but they did it anyway. They MADE THE CHOICE to risk thier job over a simple IM or Email. Sounds to me like they knew what they were doing and deserve anything that follows.
If you don't understand why they deserve it, you have your head in the sand.
[ link to this | view in chronology ]
Give me my IMs damnit...
I only say this because I want to continue to pick up small children using my work's network. I feel safer doing this at work because it's not my computer. I will also defend every stupid thing I do, because it's my right to do it!
I only work at TacoBell though, so I guess I don't understand anything you people are saying. I get paid minimum wage, I weigh 375lbs and I live with my parents. I have a sad outlook on life and I tend to spend my time-off playing online mmorpgs, because it's easier to make digital friends than real onces. I only have one testicle and can't find my penis without my dad's help.
I'm a sad, sad person, but I will still piss on your rules if you give me the chance. It's all I have in life! muwahahahahahaha
[ link to this | view in chronology ]
This is great reading
No wonder illegal immigrants are taking your jobs. You American workers are freaking hilarious!
[ link to this | view in chronology ]
I'm not crying
[ link to this | view in chronology ]
Jesus, do you see now why us other countries make fun of you? Do you people not realize how sad you look, trying to defend your right to abuse your work's network?
I hope your entire economy tanks, I hope you all lose your jobs and I hope your families starve. I love watching stupid Americans lose at 'The American Dream' for the sole reason of not following the guidelines. You people fail in the most spectacular ways!
[ link to this | view in chronology ]
Re:
Nothing particuarly wrong with that. Americans as a whole just need to learn to save more.
[ link to this | view in chronology ]
Re: Re:
Just because you probably live in some repressive s***hole, and are unhappy, perhaps you should learn to mind your own business :-D
Cheers...
[ link to this | view in chronology ]
Re: #30
So many broken people...so little time.
Which one are you from? I'll get my screwdriver...
[ link to this | view in chronology ]
Wow, thanks for the encouragement
[ link to this | view in chronology ]
It's simple
Thedr are good employees and there are bad employees.
Good employees do their Inet garbage during lunch, breaks, etc...Bad employees, well they're just that, they do their Inet junk at any, and all times of the day. It takes only one bad employee to ruin it for the rest of the employeesbecause even as an admin I have to apply rules evenly. Yes my endusers are grouped into bad and good. Really, my Active Directory literally has two groups: Good and Bad. Bad, is restricted from IM (and other filters), only avilable for half hour lunch time. The Good group has more priveledge. I allow Bads to become Goods after about a year of punishment.
Sadist? No
Nazi? No
What then? My company sets these poilicies based on a thourough assessment and understanding of the problem.
[ link to this | view in chronology ]
Do you have a day off today too?
[ link to this | view in chronology ]
Re: Do you have a day off today too?
Nope...just doing lunch:)
[ link to this | view in chronology ]
Actually..
[ link to this | view in chronology ]
Admin's Job
A Network Admin doesn't have the power to fire anyone.... only bring the atention of someone who can to someone's missdeeds and yes they are missdeeds. The company that owns the network and pays your paycheck has every right to say you are not allowed to do this, this and this on company time. It not only costs them what they are paying you while you goof off but bandwith isn't free either.
Second is that you don't seem to understand what our job is all about. It's about keeping the network secure and running smooth. The number one risk to any network is the end user and not some hacker trying to crack in. Yes we do need to secure and guard against that but it's a fact that the bigest danger to a network is from the people in the network.
Oh and by the way i don't need to sit at a screen all day to catch people doing things they shouldn't.... just take a half hour a day and check the log's. Quite easy and a part of every Network Admin's day.
[ link to this | view in chronology ]
remember the old "water cooler" stereotype? hang out at the coffee table or whatever and bs for 5 minutes every 90 minutes or so? or what about the people who stay late? only get "paid" for 8 hours, but may stay 10...
and i think dilbert said it best
On Telecommuting:
"Am i required to work a full 8 hours? or Is it ok to put in just the 2 hours of real work i do at the office?" ~Dilbert (Scott Adams)
[ link to this | view in chronology ]
I'm so glad I work for a decent company
Of course this is a "as long as the job gets done on time, and it doesn't cause problems, I don't really care what else you're doing or how you're doing it" sort of company. I really feel for those who have to work for other types.
Just my thoughts...
[ link to this | view in chronology ]
Re: I'm so glad I work for a decent company
It depends what type of business your company does. Some businesses, especially those involved with government contracts, may bill according to hours. If auditors walk through and see people clowning on the Inet, this could cause all work (and pay) to stop.
So rules and regulations do vary for some institutions.
[ link to this | view in chronology ]
power hungry admind
Teknosapien,
Network Monitoring Systems Engineer
[ link to this | view in chronology ]
Re: power hungry admind
Look, I'm already on your network:)
Could you please elaborate on your tireless genius for the rest of us lazy admins?
I don't care whether it's a secure or an unsecure session, it can be breached. IM clients are notoriously poorly written and are even less secure. In fact one known breach is to simply have a session of IM open followed by a simple buffer overrun. This allowed just enough of an opportunity to install a ~200k keylogger with IRC capabilities through a browser.
[ link to this | view in chronology ]
Re: Day Off lol
[ link to this | view in chronology ]
People from the generation before that internet th
When reading all you network admins' posts, I wonder if any of you ever read and understand many of the topics here on techdirt?
I see a parallel to kids internet usage at home: parents shouldn't block and constantly monitor their kids internet usage, they should rather teach their children what dangers are out there, and how they can avoid them. (http://techdirt.com/articles/20060929/154029.shtml )
Likewise, my boss should not monitor what pages i surf and what IMs i write, he should look at what i produce for him.
[ link to this | view in chronology ]
re :power hungry admin
one more thought why do I do the network monitoring like I do. simple I have a 14 year old daughter and I wanna see who's knocking on her door
Teknosapien
NMS Engineer
[ link to this | view in chronology ]
Re: re :power hungry admin
You can sniff all you want...it smells no different than a freshly baked muffin...
[ link to this | view in chronology ]
...
To the other people complaining about my previous post, actually the company where I work doesn't have a computer usage policy, so I imagine they can't fire me for running a program that they know I am running (PuTTY, not Tor).
As for people saying that you're not protected from keyloggers, correct, chances are a company won't use keyloggers on all their machines though. You might notice I never claimed it protected you from that.
As for concerns that a so-called "network-nazi" could get you fired for using putty or tor, you could always use a web front-end on a webserver with HTTPS, then it would be difficult to differentiate it from many other websites.
If you're good at your job I can't imagine most companies would mind the use IM.
[ link to this | view in chronology ]
GPRS/EDGE, ETC and a LAPTOP
Your company can not see one THING!
Well.... as long as they can't see over your shoulder ;-)
[ link to this | view in chronology ]
monitoring or peeping toms?
New Mexico is one of the few states that still allows cameras in public bathrooms. Big brother still lives. I am wondering what these "admin. people are hoping to find when they view these tapes? Perhaps they should have cameras watching them...watching other people use bathroom facillities. Think these peeping admin. guys come to work with a tub of crisco and breakaway speedos?
[ link to this | view in chronology ]